vulnerability

Red Hat: CVE-2024-58084: kernel: firmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool()

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Mar 6, 2025	Jul 9, 2025	Jul 10, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Mar 6, 2025

Added

Jul 9, 2025

Modified

Jul 10, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

firmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool()

Commit 2e4955167ec5 ("firmware: qcom: scm: Fix __scm and waitq
completion variable initialization") introduced a write barrier in probe
function to store global '__scm' variable. We all known barriers are
paired (see memory-barriers.txt: "Note that write barriers should
normally be paired with read or address-dependency barriers"), therefore
accessing it from concurrent contexts requires read barrier. Previous
commit added such barrier in qcom_scm_is_available(), so let's use that
directly.

Lack of this read barrier can result in fetching stale '__scm' variable
value, NULL, and dereferencing it.

Note that barrier in qcom_scm_is_available() satisfies here the control
dependency.

Solution

no-fix-redhat-rpm-package

References

NVD-CVE-2024-58084

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today